package com.laomu.web.filter;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.SavedRequest;
import org.apache.shiro.web.util.WebUtils;

/**
 * 自定义登录过滤器
 * 
 * @ProjectName: [act-site]
 * @Package: [com.laomu.web.FormAutenticationFilter.java]
 * @ClassName: [FormAutenticationFilter]
 * @Description: [一句话描述该类的功能]
 * @Author: [老木]
 * @CreateDate: [2016年6月23日 下午2:10:02]
 * @UpdateUser: [老木]
 * @UpdateDate: [2016年6月23日 下午2:10:02]
 * @UpdateRemark: [说明本次修改内容]
 * @Version: [v1.0]
 */
public class LoginAuthenticationFilter extends FormAuthenticationFilter {

	@Override
	protected boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request,
			ServletResponse response) throws Exception {
		String successUrl = null;
		SavedRequest savedRequest = WebUtils.getAndClearSavedRequest(request);
		if (savedRequest != null && savedRequest.getMethod().equalsIgnoreCase(AccessControlFilter.GET_METHOD)) {
			successUrl = savedRequest.getRequestUrl();
			if (!successUrl.contains("sys/login")) {
				/*
				 * 如果系统保存的上一次请求对象中，没有包含请求路径，
				 * 就直接调用系统的登录成功跳转
				 */
				return super.onLoginSuccess(token, subject, request, response);
			}
		}
		successUrl = "/sys/index";
		HttpServletResponse resp = (HttpServletResponse) response;
		resp.sendRedirect(request.getServletContext().getContextPath() + successUrl);
		return false;
	}

}
